Skip to content

Commit

Permalink
[manuf] remove deps on non-prod FT bins
Browse files Browse the repository at this point in the history
The prod-signed FT binaries can still be used to provision dev devices
since the prod key is accepted in all LC states. This removes the
requirment on having a nitrokey to provision dev devices.

Signed-off-by: Tim Trippel <[email protected]>
  • Loading branch information
timothytrippel committed Dec 22, 2023
1 parent 1ad6970 commit eb26b03
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 15 deletions.
22 changes: 10 additions & 12 deletions sw/host/provisioning/orchestrator/ot_device.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,13 @@
import re
import sqlite3

from util import format_hex, confirm, run, OT_SQL_TABLE_NAME
from util import OT_SQL_TABLE_NAME, confirm, format_hex, run


class OTDevice:

def __init__(self, device_id, test_unlock_token, test_exit_token,
target_lc_state, sku, fpga_test,
log_archive_root):
target_lc_state, sku, fpga_test, log_archive_root):
"""Class representing an Opentitan Device being provisioned.
Arguments:
Expand Down Expand Up @@ -84,7 +83,8 @@ def cp_provision(self, require_confirmation=True):

if res.returncode != 0:
logging.warning(
f"cp_provisioning returned with non-zero exit code: {res.returncode}." +
f"cp_provisioning returned with non-zero exit code: {res.returncode}."
+
" Logs have been written but no database entry has been made yet."
)
confirm()
Expand All @@ -96,10 +96,7 @@ def ft_provision(self, ecc_priv_keyfile, require_confirmation=True):
logging.info("Running FT Provisioning")

sram_ft_indiv_elf_path = "sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup/sram_ft_individualize_{}_{}.elf" # noqa: E501
perso_bin_path = "sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup/"
if self.target_lc_state == "prod":
perso_bin_path += "binaries/"
perso_bin_path += "{}"
perso_bin_path = "sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup/binaries/"

if self.fpga_test:
elf = sram_ft_indiv_elf_path.format(
Expand All @@ -125,13 +122,13 @@ def ft_provision(self, ecc_priv_keyfile, require_confirmation=True):
elf = sram_ft_indiv_elf_path.format(self.sku, "silicon_creator")

bootstrap = perso_bin_path.format(
f"ft_personalize_1_silicon_creator.earlgrey_a0_{self.target_lc_state}_0.signed.bin"
"ft_personalize_1_silicon_creator.earlgrey_a0_prod_0.signed.bin"
)
bootstrap2 = perso_bin_path.format(
f"ft_personalize_2_silicon_creator.earlgrey_a0_{self.target_lc_state}_0.signed.bin"
"ft_personalize_2_silicon_creator.earlgrey_a0_prod_0.signed.bin"
)
bootstrap3 = perso_bin_path.format(
f"ft_personalize_3_silicon_creator.earlgrey_a0_{self.target_lc_state}_0.signed.bin"
"ft_personalize_3_silicon_creator.earlgrey_a0_prod_0.signed.bin"
)

platform_bazel_flags = "--//signing:token=//signing/tokens:nitrokey"
Expand Down Expand Up @@ -164,7 +161,8 @@ def ft_provision(self, ecc_priv_keyfile, require_confirmation=True):

if res.returncode != 0:
logging.warning(
f"ft_provisioning returned with non-zero return code: {res.returncode}." +
f"ft_provisioning returned with non-zero return code: {res.returncode}."
+
" Logs have been written but no database entry has been made yet."
)
confirm()
Expand Down
3 changes: 0 additions & 3 deletions sw/host/tests/manuf/provisioning/ft/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,6 @@ rust_binary(
srcs = ["src/main.rs"],
data = [
"//sw/device/silicon_creator/manuf/keys/fake:rma_unlock_token_export_key.sk_hsm.der",
"//sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup:ft_personalize_1",
"//sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup:ft_personalize_2",
"//sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup:ft_personalize_3",
"//sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup:sram_ft_individualize_all",
"//sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup/binaries:ft_personalize_1_prod_signed",
"//sw/device/silicon_creator/manuf/skus/earlgrey_a0/sival_bringup/binaries:ft_personalize_2_prod_signed",
Expand Down

0 comments on commit eb26b03

Please sign in to comment.